-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Sat, 2018-06-30 at 12:43 -0500, John R. Dennison wrote:
On Fri, Jun 29, 2018 at 12:01:50PM -0400, Matthew Miller wrote:
On Fri, Jun 29, 2018 at 05:43:04AM +0000, Veetil, Vyshnav wrote:
Do we know the reason why this below listed CVEs will not be fixed For elfutils-libelf,elfutils-libs and elfutils pakages ? 1.CVE-2017-7607 2.CVE-2017-7608 3.CVE-2017-7609 4.CVE-2017-7610 5.CVE-2017-7611 6.CVE-2017-7612 7.CVE-2017-7613
What makes you believe that they are not?
https://access.redhat.com/security/cve/cve-2017-7607 https://access.redhat.com/security/cve/cve-2017-7608 https://access.redhat.com/security/cve/cve-2017-7609 https://access.redhat.com/security/cve/cve-2017-7610 https://access.redhat.com/security/cve/cve-2017-7611 https://access.redhat.com/security/cve/cve-2017-7612 https://access.redhat.com/security/cve/cve-2017-7613
:)
Hi all,
Could those reporting do an audit. I have checked the first link supplied 2017- 7607.
Follow it to bugzilla and you get a link to a gentoo page referencing a fix that would be in elfutils 0.169. Erm... RHEL / CentOS 7 latest is elfutils 0.170, so newer than the proposed release version with fix in.
Regards
Phil
- -- *** If this is a mailing list, I am subscribed, no need to CC me.***
Playing the game for the games sake.
IRC: kathenas
Web: https://kathenas.org
Github: https://github.com/kathenas
GitLab: https://gitlab.com/kathenas
Twitter: kathenasorg
GPG: A0C3 4C6A AC2B B8F4 F1E5 EDF4 333F 60DC B0B9 BB77